package jaoso.framework.web.action;

import jaoso.framework.domain.Account;
import jaoso.framework.domain.Right;
import jaoso.framework.domain.Role;

import jaoso.framework.exception.AccountAlreadyExistException;
import jaoso.framework.exception.BusinessException;
import jaoso.framework.exception.GroupExistException;
import jaoso.framework.exception.RightExistException;

import jaoso.framework.service.SecurityService;

import jaoso.framework.util.MyUtils;

import org.apache.commons.beanutils.BeanUtils;

import org.apache.log4j.Category;
import org.apache.log4j.Logger;
import org.apache.struts.action.ActionError;
import org.apache.struts.action.ActionErrors;
import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionForward;
import org.apache.struts.action.ActionMapping;
import org.apache.struts.action.DynaActionForm;
import org.faquir.license.License;
import org.faquir.license.LicenseFactory;
import org.springframework.context.ApplicationContext;
import org.springframework.web.context.support.WebApplicationContextUtils;

import com.yl.cap.analyst.exceptions.GroupConflictException;
import com.yl.cap.analyst.user.domain.User;

import java.io.File;
import java.io.IOException;

import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;

import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * security action include login logout register and no right
 * 
 * @author Edgeloner
 */
public class SecurityAction extends BaseAction
{
    /** security manager service */
    private SecurityService securityService;

    Category log = Logger.getLogger("popedom");

    private SecurityService getService()
    {
        ApplicationContext ctx = WebApplicationContextUtils
                .getWebApplicationContext(this.getServlet().getServletContext());
        return (SecurityService) ctx.getBean("securityService");
    }

    /**
     * change account role
     * 
     * @param mapping
     *            actionMapping
     * @param form
     *            actionForm
     * @param request
     *            http request
     * @param response
     *            http response
     * 
     * @return actionforward
     * 
     * @throws IOException
     *             IO error
     * @throws ServletException
     *             any error
     */
    public final ActionForward changeAccountGroup(final ActionMapping mapping,
            final ActionForm form, final HttpServletRequest request,
            final HttpServletResponse response) throws IOException,
            ServletException
    {
        ActionErrors errors = new ActionErrors();
        String accountId = request.getParameter("accountId");
        String groupId = request.getParameter("groupId");

        try
        {
            securityService.changeAccountRole(accountId, groupId);
        }
        catch (BusinessException e)
        {
            log.error("changeAccountGroup error: " + e);
            errors.add("changeAccountGroup", new ActionError(
                    "errors.UnKnowError"));
        }

        if (!errors.isEmpty())
        {
            saveErrors(request, errors);

            return mapping.findForward("faile");
        }
        else
        {
            removeAttribute(mapping, request);

            return (mapping.findForward("success"));
        }
    }

    /**
     * create new right
     * 
     * @param mapping
     *            actionMapping
     * @param form
     *            actionForm
     * @param request
     *            http request
     * @param response
     *            http response
     * 
     * @return actionforward
     * 
     * @throws IOException
     *             IO error
     * @throws ServletException
     *             any error
     */
    public final ActionForward createRight(final ActionMapping mapping,
            final ActionForm form, final HttpServletRequest request,
            final HttpServletResponse response) throws IOException,
            ServletException
    {
        ActionErrors errors = new ActionErrors();
        Right right = new Right();

        try
        {
            BeanUtils.copyProperties(right, form);
        }
        catch (Exception e)
        {
            log.error("copy form to right error: " + e);
            errors.add("create right", new ActionError("errors.UnKnowError"));
        }

        try
        {
            securityService.createRight(right);
        }
        catch (BusinessException e)
        {
            log.error("create right error: " + e);
            errors.add("create right", new ActionError("errors.UnKnowError"));
        }
        catch (RightExistException e)
        {
            errors.add("create right", new ActionError("errors.RightExist"));
        }

        if (!errors.isEmpty())
        {
            saveErrors(request, errors);

            return mapping.findForward("faile");
        }
        else
        {
            removeAttribute(mapping, request);

            return (mapping.findForward("success"));
        }
    }

    /**
     * create a new group
     * 
     * @param mapping
     *            actionMapping
     * @param form
     *            actionForm
     * @param request
     *            http request
     * @param response
     *            http response
     * 
     * @return actionforward
     * 
     * @throws IOException
     *             IO error
     * @throws ServletException
     *             any error
     */
    public final ActionForward createRole(final ActionMapping mapping,
            final ActionForm form, final HttpServletRequest request,
            final HttpServletResponse response) throws IOException,
            ServletException
    {
        ActionErrors errors = new ActionErrors();

        String[] rights = request.getParameterValues("chosen");
        rights = rights == null ? new String[0] : rights;
        Role group = new Role();
        group.setDesc(request.getParameter("groupName"));

        try
        {
            SecurityService securityService = getService();
            securityService.createRole(group, rights);
        }
        catch (BusinessException e)
        {
            log.error("create group error: ", e);
            errors.add("create right", new ActionError("errors.UnKnowError"));
        }
        catch (GroupExistException e)
        {
            log.error("create group error: ", e);
            errors.add("create right", new ActionError("errors.GroupExist"));
        }

        if (!errors.isEmpty())
        {
            saveErrors(request, errors);

            return mapping.findForward("faile");
        }
        else
        {
            removeAttribute(mapping, request);

            return (mapping.findForward("success"));
        }
    }

    /**
     * list all account
     * 
     * @param mapping
     *            mapping
     * @param form
     *            form
     * @param request
     *            request
     * @param response
     *            response
     * 
     * @return ActionForward
     * 
     * @throws IOException
     *             IOException
     * @throws ServletException
     *             ServletException
     */
    public final ActionForward listAccount(final ActionMapping mapping,
            final ActionForm form, final HttpServletRequest request,
            final HttpServletResponse response) throws IOException,
            ServletException
    {
        ActionErrors errors = new ActionErrors();
        Account[] accounts = null;
        // Role[] groups = null;

        try
        {
            SecurityService securityService = getService();
            accounts = securityService.findAllAccount();

            /*
             * for (int i = 0, n = accounts.length; i < n; i++) { if
             * (accounts[i].getGroup() == null) { accounts[i].setGroup(new
             * Role()); } }
             */

            // groups = securityService.findAllGroup();
        }
        catch (BusinessException e)
        {
            log.error("listAccount error: " + e);
            errors.add("listAccount", new ActionError("errors.UnKnowError"));
        }

        if (!errors.isEmpty())
        {
            saveErrors(request, errors);

            return mapping.findForward("faile");
        }

        removeAttribute(mapping, request);
        request.setAttribute("accounts", accounts);
        // request.setAttribute("groups", groups);

        return mapping.findForward("adminlist");
    }

    /**
     * list all right
     * 
     * @param mapping
     *            actionMapping
     * @param form
     *            actionForm
     * @param request
     *            http request
     * @param response
     *            http response
     * 
     * @return actionforward
     * 
     * @throws IOException
     *             IO error
     * @throws ServletException
     *             any error
     */
    public final ActionForward listRight(final ActionMapping mapping,
            final ActionForm form, final HttpServletRequest request,
            final HttpServletResponse response) throws IOException,
            ServletException
    {
        ActionErrors errors = new ActionErrors();
        Right[] rights = null;
        SecurityService securityService = getService();

        try
        {
            rights = securityService.findAllRight();
        }
        catch (BusinessException e)
        {
            log.error("listAccount error: " + e);
            errors.add("listAccount", new ActionError("errors.UnKnowError"));
        }

        if (!errors.isEmpty())
        {
            saveErrors(request, errors);

            return mapping.findForward("faile");
        }

        request.setAttribute("rights", rights);

        return mapping.findForward("createadmingroup");
    }

    /**
     * list all groups
     * 
     * @param mapping
     *            action mapping
     * @param form
     *            action form
     * @param request
     *            http request
     * @param response
     *            http response
     * 
     * @return action forward
     * 
     * @throws IOException
     *             io error
     * @throws ServletException
     *             servlet exception
     */
    public final ActionForward showRegister(final ActionMapping mapping,
            final ActionForm form, final HttpServletRequest request,
            final HttpServletResponse response) throws IOException,
            ServletException
    {
        ActionErrors errors = new ActionErrors();
        Role[] groups = null;
        Right[] rights = null;

        try
        {
            SecurityService securityService = getService();
            groups = securityService.findAllGroup();
            // rights = securityService.findAllRight();
        }
        catch (BusinessException e)
        {
            e.printStackTrace();
            log.error("listAccount error: " + e);
            errors.add("listAccount", new ActionError("errors.UnKnowError"));
        }

        if (!errors.isEmpty())
        {
            saveErrors(request, errors);

            return mapping.findForward("faile");
        }

        request.setAttribute("groups", groups);
        // request.setAttribute("rights", rights);

        return mapping.findForward("createadmin");
    }

    public final ActionForward listRole(final ActionMapping mapping,
            final ActionForm form, final HttpServletRequest request,
            final HttpServletResponse response) throws IOException,
            ServletException
    {
        ActionErrors errors = new ActionErrors();
        Role[] groups = null;
        // Right[] rights = null;

        SecurityService securityService = getService();

        try
        {
            groups = securityService.findAllGroup();
            // rights = securityService.findAllRight();
        }
        catch (BusinessException e)
        {
            log.error("listAccount error: " + e);
            errors.add("listAccount", new ActionError("errors.UnKnowError"));
        }

        if (!errors.isEmpty())
        {
            saveErrors(request, errors);

            return mapping.findForward("faile");
        }

        request.setAttribute("groups", groups);
        // request.setAttribute("rights", rights);

        return mapping.findForward("admingrouplist");
    }

    /**
     * login system
     * 
     * @param mapping
     *            actionMapping
     * @param form
     *            actionForm
     * @param request
     *            http request
     * @param response
     *            http response
     * 
     * @return actionforward
     * 
     * @throws IOException
     *             IO error
     * @throws ServletException
     *             any error
     */
    public final ActionForward login(final ActionMapping mapping,
            final ActionForm form, final HttpServletRequest request,
            final HttpServletResponse response) throws IOException,
            ServletException
    {
        // HttpSession session = request.getSession();

        /*
         * if (session == null) { session = request.getSession(true); }
         */

        ActionErrors errors = new ActionErrors();
        DynaActionForm loginForm = (DynaActionForm) form;
        String userName = (String) loginForm.get("name");
        String password = (String) loginForm.get("password");

        // check the check code
        // if
        // (!request.getSession().getAttribute("chkCode").equals(request.getParameter(
        // "chkCode"))) {
        // errors.add(ActionErrors.GLOBAL_ERROR,
        // new ActionError("errors.chkCodeNoMatch"));
        // saveErrors(request, errors);
        //
        // return mapping.findForward("faile");
        // }
        Account account = null;
        Role role = null;

        try
        {
            // check license
            License license = LicenseFactory.getLicense();
            ServletContext application = this.getServlet().getServletContext();
            boolean res = license.canUse(new File(application
                    .getRealPath("/conf/license/" + "license")));
            // boolean res = true;
            if (!res)
            {
                errors
                        .add("User login", new ActionError(
                                "errors.LicenseError"));
                log.fatal("License Error", null);
            }
            else
            {
                // do service
                SecurityService securityService = getService();
                account = securityService.login(userName, password);

                if ((account == null)/*
                                         * || (account.getGroup() == null) ||
                                         * MyUtils.isBlank(account.getGroup().getId())
                                         */)
                {
                    errors.add("User login", new ActionError(
                            "errors.LoginError"));
                    log.debug("login failure", null);
                }
            }
        }
        catch (Exception e)
        {
            errors.add("User login", new ActionError("errors.LoginError"));
            log.error("login failure", e);
        }

        // Report any errors we have discovered back to the original form
        if (!errors.isEmpty())
        {
            saveErrors(request, errors);

            return mapping.findForward("faile");
        }

        // Remove the obsolete form bean
        removeAttribute(mapping, request);

        // Set account Object to session
        request.getSession().setAttribute("account", account.getId());
        role = account.getGroup();
        if (role != null)
        {
            request.getSession().setAttribute("group",
                    account.getGroup().getId());
        }
        else
        {
            request.getSession().setAttribute("group", null);
        }

        final String destinatedUrl = request.getParameter("DEST_URL");

        // If there is a destinated url,forward to this url
        if ((destinatedUrl != null) && (destinatedUrl.length() > 0))
        {
            return new ActionForward(destinatedUrl);
        }
        else
        {
            // Forward control to the specified success URI

            String tmpFor = null;
            if (role != null)
            {
                if ("inner".equals(request.getParameter("type")))
                {
                    tmpFor = "inSuc";
                }
                else
                {
                    tmpFor = "suc";
                }
            }
            else
            {
                tmpFor = "viewer";
            }
            return (mapping.findForward(tmpFor));
        }
    }

    /**
     * logout system
     * 
     * @param mapping
     *            mapping
     * @param form
     *            form
     * @param request
     *            request
     * @param response
     *            response
     * 
     * @return ActionForward
     * 
     * @throws IOException
     *             IOException
     * @throws ServletException
     *             ServletException
     */
    public final ActionForward logout(final ActionMapping mapping,
            final ActionForm form, final HttpServletRequest request,
            final HttpServletResponse response) throws IOException,
            ServletException
    {
        if (request.getSession(false) != null)
        {
            request.getSession(false).invalidate();
        }

        // Remove the obsolete form bean
        removeAttribute(mapping, request);

        return mapping.findForward("login");
    }

    /**
     * no right
     * 
     * @param mapping
     *            mapping
     * @param form
     *            form
     * @param request
     *            request
     * @param response
     *            response
     * 
     * @return ActionForward
     * 
     * @throws IOException
     *             IOException
     * @throws ServletException
     *             ServletException
     */
    public final ActionForward noRight(final ActionMapping mapping,
            final ActionForm form, final HttpServletRequest request,
            final HttpServletResponse response) throws IOException,
            ServletException
    {
        ActionErrors errors = new ActionErrors();
        errors.add("no right", new ActionError("errors.NoRight"));

        // Remove the obsolete form bean
        removeAttribute(mapping, request);

        if (!errors.isEmpty())
        {
            saveErrors(request, errors);
        }

        return mapping.findForward("success");
    }

    /**
     * DOCUMENT ME!
     * 
     * @param mapping
     *            actionMapping
     * @param form
     *            actionForm
     * @param request
     *            http request
     * @param response
     *            http response
     * 
     * @return actionforward
     * 
     * @throws IOException
     *             IO error
     * @throws ServletException
     *             any error
     */
    public final ActionForward register(final ActionMapping mapping,
            final ActionForm form, final HttpServletRequest request,
            final HttpServletResponse response) throws IOException,
            ServletException
    {
        ActionErrors errors = new ActionErrors();
        Account account = new Account();
        account.setName((String) ((DynaActionForm) form).get("name"));
        User user = new User();
        user.setRealName((String) ((DynaActionForm) form).get("realName"));
        user.setAccount(account);
        account.setUser(user);
        account.setPassword("123456");
        Role group = new Role();
        group.setId((String) ((DynaActionForm) form).get("groupId"));
        account.setGroup(group);

        try
        {
            SecurityService securityService = getService();
            securityService.register(account);
        }
        catch (BusinessException e)
        {
            log.error("register account error: " + e);
            errors.add("register account",
                    new ActionError("errors.UnKnowError"));
        }
        catch (AccountAlreadyExistException e)
        {
            log.error("register account error: " + e);
            errors.add("register account", new ActionError(
                    "errors.AccountExist"));
        }

        if (!errors.isEmpty())
        {
            saveErrors(request, errors);

            return mapping.findForward("faile");
        }
        else
        {
            return (mapping.findForward("success"));
        }
    }

    /**
     * DOCUMENT ME!
     * 
     * @param mapping
     *            actionMapping
     * @param form
     *            actionForm
     * @param request
     *            http request
     * @param response
     *            http response
     * 
     * @return actionforward
     * 
     * @throws IOException
     *             IO error
     * @throws ServletException
     *             any error
     */
    public final ActionForward removeAccount(final ActionMapping mapping,
            final ActionForm form, final HttpServletRequest request,
            final HttpServletResponse response) throws IOException,
            ServletException
    {
        ActionErrors errors = new ActionErrors();

        String[] ids = request.getParameterValues("id");

        try
        {
            SecurityService securityService = getService();
            securityService.removeAccount(ids);
        }
        catch (BusinessException e)
        {
            log.error("remove account error: ", e);
            errors.add("remove account", new ActionError("errors.UnKnowError"));
        }

        if (!errors.isEmpty())
        {
            saveErrors(request, errors);

            return mapping.findForward("faile");
        }

        return (mapping.findForward("success"));
    }

    /**
     * DOCUMENT ME!
     * 
     * @param mapping
     *            actionMapping
     * @param form
     *            actionForm
     * @param request
     *            http request
     * @param response
     *            http response
     * 
     * @return actionforward
     * 
     * @throws IOException
     *             IO error
     * @throws ServletException
     *             any error
     */
    public final ActionForward removeRight(final ActionMapping mapping,
            final ActionForm form, final HttpServletRequest request,
            final HttpServletResponse response) throws IOException,
            ServletException
    {
        ActionErrors errors = new ActionErrors();
        String[] index = request.getParameterValues("index");
        String[] ids = request.getParameterValues("id");
        String[] rights = new String[index.length];
        int j = 0;

        for (int i = 0, n = index.length; i < n; i++)
        {
            j = Integer.parseInt(index[i]);
            rights[i] = ids[j];
        }

        try
        {
            securityService.removeRight(rights);
        }
        catch (BusinessException e)
        {
            log.error("remove right error: ", e);
            errors.add("remove right", new ActionError("errors.UnKnowError"));
        }

        if (!errors.isEmpty())
        {
            saveErrors(request, errors);

            return mapping.findForward("faile");
        }

        return (mapping.findForward("success"));
    }

    /**
     * remove group
     * 
     * @param mapping
     *            actionMapping
     * @param form
     *            actionForm
     * @param request
     *            http request
     * @param response
     *            http response
     * 
     * @return actionforward
     * 
     * @throws IOException
     *             IO error
     * @throws ServletException
     *             any error
     */
    public final ActionForward removeRole(final ActionMapping mapping,
            final ActionForm form, final HttpServletRequest request,
            final HttpServletResponse response) throws IOException,
            ServletException
    {
        ActionErrors errors = new ActionErrors();

        String[] ids = request.getParameterValues("selGroup");

        try
        {
            getService().removeRole(ids);
        }
        catch (AccountAlreadyExistException e)
        {
            log.error("removeGroup error: ", e);
            errors.add("removeGroup", new ActionError("errors.HaveUserError"));
        }
        catch (BusinessException e)
        {
            log.error("remove group error: ", e);
            errors.add("remove group", new ActionError("errors.UnKnowError"));
        }

        if (!errors.isEmpty())
        {
            saveErrors(request, errors);

            return mapping.findForward("faile");
        }

        return (mapping.findForward("success"));
    }

    /**
     * update account info
     * 
     * @param mapping
     *            action mapping
     * @param form
     *            action form
     * @param request
     *            http request
     * @param response
     *            http response
     * 
     * @return action forward
     * 
     * @throws IOException
     *             io exception
     * @throws ServletException
     *             servlet exception
     */
    public final ActionForward updateAccountInfo(final ActionMapping mapping,
            final ActionForm form, final HttpServletRequest request,
            final HttpServletResponse response) throws IOException,
            ServletException
    {
        ActionErrors errors = new ActionErrors();
        Account account = new Account();
        account.setId(request.getParameter("id"));
        account.setName(request.getParameter("loginName"));
        account.setPassword(request.getParameter("repassword"));
        Role role = new Role();
        role.setId(request.getParameter("roleId"));
        User user = new User();
        user.setId(request.getParameter("userId"));
        user.setRealName(request.getParameter("realName"));
        user.setAccount(account);
        account.setGroup(role);
        account.setUser(user);

        try
        {
            SecurityService securityService = getService();
            securityService.updateAccount(account);
        }
        catch (BusinessException e)
        {
            log.error("updateAccountInfo error: " + e);
            errors.add("updateAccountInfo", new ActionError(
                    "errors.UnKnowError"));
        }
        catch (AccountAlreadyExistException e)
        {
            log.error("updateAccountInfo error: " + e);
            errors.add("updateAccountInfo", new ActionError(
                    "errors.AccountExist"));
        }
        catch (GroupConflictException e)
        {
            log.error("updateAccountInfo error:",e);
            errors.add("updateAccountInfo",new ActionError("errors.GroupConflict"));
        }

        if (!errors.isEmpty())
        {
            saveErrors(request, errors);

            return mapping.findForward("faile");
        }
        else
        {
            removeAttribute(mapping, request);

            return (mapping.findForward("success"));
        }
    }

    /**
     * update right
     * 
     * @param mapping
     *            actionMapping
     * @param form
     *            actionForm
     * @param request
     *            http request
     * @param response
     *            http response
     * 
     * @return actionforward
     * 
     * @throws IOException
     *             IO error
     * @throws ServletException
     *             any error
     */
    public final ActionForward updateRight(final ActionMapping mapping,
            final ActionForm form, final HttpServletRequest request,
            final HttpServletResponse response) throws IOException,
            ServletException
    {
        ActionErrors errors = new ActionErrors();
        String[] index = request.getParameterValues("index");
        String[] ids = request.getParameterValues("id");
        String[] boxs = request.getParameterValues("box");
        String[] descs = request.getParameterValues("desc");
        String[] urls = request.getParameterValues("url");
        Right[] rights = new Right[index.length];
        int j = 0;

        for (int i = 0, n = index.length; i < n; i++)
        {
            j = Integer.parseInt(index[i]);
            rights[i] = new Right();
            rights[i].setId(ids[j]);
            rights[i].setBox(boxs[j]);
            rights[i].setDesc(descs[j]);
            rights[i].setUrl(urls[j]);
        }

        try
        {
            securityService.updateRight(rights);
        }
        catch (BusinessException e)
        {
            log.error("update right error: ", e);
            errors.add("update right", new ActionError("errors.UnKnowError"));
        }
        catch (RightExistException e)
        {
            log.error("update right error: ", e);
            errors.add("update right", new ActionError("errors.RightExist"));
        }

        if (!errors.isEmpty())
        {
            saveErrors(request, errors);

            return mapping.findForward("faile");
        }

        removeAttribute(mapping, request);

        return (mapping.findForward("success"));
    }

    /**
     * update group desc or rights
     * 
     * @param mapping
     *            actionMapping
     * @param form
     *            actionForm
     * @param request
     *            http request
     * @param response
     *            http response
     * 
     * @return actionforward
     * 
     * @throws IOException
     *             IO error
     * @throws ServletException
     *             any error
     */
    public final ActionForward updateRole(final ActionMapping mapping,
            final ActionForm form, final HttpServletRequest request,
            final HttpServletResponse response) throws IOException,
            ServletException
    {
        ActionErrors errors = new ActionErrors();
        String[] removeRight = request.getParameterValues("possible");
        String[] addRight = request.getParameterValues("chosen");
        Role group = new Role();
        group.setId(request.getParameter("roleId"));
        group.setDesc(request.getParameter("roleName"));

        try
        {
            SecurityService securityService = getService();
            securityService.updateRole(group, removeRight, addRight);
        }
        catch (BusinessException e)
        {
            log.error("update group error: ", e);
            errors.add("update group", new ActionError("errors.UnKnowError"));
        }
        catch (GroupExistException e)
        {
            log.error("update group error: ", e);
            errors.add("create right", new ActionError("errors.GroupExist"));
        }

        if (!errors.isEmpty())
        {
            saveErrors(request, errors);

            return mapping.findForward("faile");
        }

        removeAttribute(mapping, request);

        return (mapping.findForward("success"));
    }

    /**
     * view account info
     * 
     * @param mapping
     *            action mapping
     * @param form
     *            action form
     * @param request
     *            http request
     * @param response
     *            http response
     * 
     * @return action forward
     * 
     * @throws IOException
     *             io exception
     * @throws ServletException
     *             servlet exception
     */
    public final ActionForward viewAccount(final ActionMapping mapping,
            final ActionForm form, final HttpServletRequest request,
            final HttpServletResponse response) throws IOException,
            ServletException
    {
        ActionErrors errors = new ActionErrors();
        Account account = null;
        String accountId = request.getParameter("id");

        Role[] groups = null;
        try
        {
            SecurityService securityService = getService();
            account = securityService.findAccountById(accountId);
            groups = securityService.findAllGroup();
        }
        catch (Exception e)
        {
            account = null;
            groups = null;
            log.error("viewAccount error: ", e);
        }
        if (account == null)
        {
            errors.add("register account",
                    new ActionError("errors.UnKnowError"));
        }
        else
        {
            request.setAttribute("account", account);
            request.setAttribute("groups", groups);
        }

        if (!errors.isEmpty())
        {
            saveErrors(request, errors);

            return mapping.findForward("faile");
        }

        return (mapping.findForward("editadmin"));
    }

    /**
     * find account by name
     * 
     * @param mapping
     * @param form
     * @param request
     * @param response
     * @return
     * @throws IOException
     * @throws ServletException
     */
    public final ActionForward findAccountByName(final ActionMapping mapping,
            final ActionForm form, final HttpServletRequest request,
            final HttpServletResponse response) throws IOException,
            ServletException
    {
        //ActionErrors errors = new ActionErrors();
        Account account = null;
        String accountName = request.getParameter("accountName");
        String page = request.getParameter("page");
        Account[] accounts = null;
        SecurityService securityService = getService();

        try
        {
            if (!MyUtils.isBlank(accountName))
            {
                account = securityService.findAccountByName(accountName);
            }
            else
            {
                accounts = securityService.findAllAccount();
            }
        }
        catch (Exception e)
        {
            account = null;
            log.error("findAccountByName error: ", e);
        }

        if (account != null)
        {
            accounts = new Account[1];
            accounts[0] = account;
        }

        request.setAttribute("accounts", accounts);
        String pageType = "user".equals(page) ? "userlist" : "adminlist";
        return (mapping.findForward(pageType));
    }

    /**
     * view group
     * 
     * @param mapping
     *            actionMapping
     * @param form
     *            actionForm
     * @param request
     *            http request
     * @param response
     *            http response
     * 
     * @return actionforward
     * 
     * @throws IOException
     *             IO error
     * @throws ServletException
     *             any error
     */
    public final ActionForward viewRole(final ActionMapping mapping,
            final ActionForm form, final HttpServletRequest request,
            final HttpServletResponse response) throws IOException,
            ServletException
    {
        ActionErrors errors = new ActionErrors();
        Role group = null;
        Right[] rights = null;
        String groupId = request.getParameter("selGroup");

        try
        {
            SecurityService securityService = getService();
            group = securityService.findRoleById(groupId);
            rights = securityService.findAllRight();
        }
        catch (BusinessException e)
        {
            log.error("viewAccountInfo error: " + e.getMessage());
            errors.add("register account",
                    new ActionError("errors.UnKnowError"));
        }

        if (group == null)
        {
            errors.add("view group", new ActionError("errors.UnKnowError"));
        }
        else
        {
            Map rightlist = new HashMap();

            for (int i = 0, n = rights.length; i < n; i++)
            {
                rightlist.put(rights[i].getId(), rights[i]);
            }

            for (Iterator i = group.getRights().iterator(); i.hasNext();)
            {
                rightlist.remove(((Right) i.next()).getId());
            }

            // ((DynaActionForm) form).set("group", group);
            /**
             * request.getSession(false) .setAttribute("rights",
             * rightlist.values());
             * request.getSession(false).setAttribute("removerights",
             * group.getRights());
             */
            request.setAttribute("role", group);
            request.setAttribute("rights", rightlist.values());
            request.setAttribute("removerights", group.getRights());
        }

        if (!errors.isEmpty())
        {
            saveErrors(request, errors);

            return mapping.findForward("faile");
        }

        return (mapping.findForward("editadmingroup"));
    }

    public void setSecurityService(SecurityService securityService)
    {
        this.securityService = securityService;
    }
}